knowledge/csirp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
csirp/eradication/procedures.md
T
Hermes Agent bf3cadc697 Initial commit: GreySec CSIRP
2026-05-08 18:07:02 -05:00

361 B
Raw Permalink Blame History

Eradication Procedures

1. Identify Root Cause

  • Analyze logs, memory dumps, and network traffic
  • Identify entry point and attacker TTPs
  • Document IOCs

2. Remove Threat

  • Remove malware and backdoors
  • Close unauthorized access points
  • Patch exploited vulnerabilities

3. Validate

  • Confirm systems are clean
  • Monitor for recurring indicators
Reference in New Issue View Git Blame Copy Permalink